Step-by-Step Guide to Deploy a High‑Availability Kubernetes Cluster with Dashboard, Nginx/Keepalived, NFS, Harbor, and Ingress
This comprehensive tutorial walks through preparing hosts, installing Docker and containerd, setting up Kubernetes components, initializing a HA master cluster, configuring networking, deploying the Kubernetes dashboard, NFS storage, Harbor registry, and an Nginx/Keepalived load balancer, all with detailed commands and configuration files.
1. Prerequisites and Environment Preparation
Set hostnames and update /etc/hosts on all nodes, disable firewalld, turn off swap, set SELinux to permissive, load required kernel modules (br_netfilter, overlay, ip_vs, etc.), and apply sysctl settings for bridge networking.
2. Install Docker and Containerd
Install Docker CE from Alibaba mirrors, configure /etc/docker/daemon.json with a registry mirror, start and enable Docker, then verify the version. Containerd is installed automatically and configured to use the systemd cgroup driver.
3. Install Kubernetes Packages
Install kubeadm, kubelet, and kubectl (v1.24.1) on all nodes, enable and start kubelet, and verify the service status.
4. Initialize the Master Cluster
Run kubeadm init --apiserver-advertise-address=192.168.0.113 --image-repository=registry.aliyuncs.com/google_containers --control-plane-endpoint=cluster-endpoint --kubernetes-version=v1.24.1 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16 --v=5, then copy /etc/kubernetes/admin.conf to $HOME/.kube/config for cluster access.
5. Join Worker Nodes
Generate a token on the master with kubeadm token create --print-join-command and execute the resulting kubeadm join command on each worker node.
6. Install a CNI Plugin (Flannel)
Pull the Flannel image and apply the manifest: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
7. Configure IPVS Load Balancing
Load the ip_vs kernel modules, install ipvsadm, and edit the kube-proxy ConfigMap to set mode: ipvs, then restart the kube-proxy pods.
8. Deploy High‑Availability Load Balancer (Nginx + Keepalived)
Create /etc/nginx/nginx.conf with a TCP stream block pointing to the two master API servers, configure Keepalived with a virtual IP (e.g., 192.168.0.120), and enable both services on the master nodes.
9. Deploy the Kubernetes Dashboard
Apply the dashboard manifest, modify the Service to type NodePort (port 31443), create a ServiceAccount with cluster-admin rights, retrieve the login token, and access the UI via https://cluster-endpoint:31443
10. Set Up an NFS Server and Provisioner
Install nfs-utils, export /opt/nfsdata, start rpcbind and nfs-server, then deploy the nfs-subdir-external-provisioner Helm chart with a StorageClass named nfs-client.
11. Install Harbor Registry (HTTPS)
Create a TLS secret with the generated myharbor.com.crt and .key, add the Harbor Helm repo, and install Harbor with custom values to use the NFS StorageClass, expose it via Ingress, and set externalURL=https://myharbor.com. Verify the deployment with kubectl get ingress,svc,pods -n harbor.
12. Configure Containerd to Pull Images from Harbor
Add a registry entry for myharbor.com in /etc/containerd/config.toml, specifying the CA file and authentication credentials, then restart containerd. Pull images using crictl pull myharbor.com/bigdata/mysql:5.7.38.
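A defender-side check for the containerd registry entry edited in step 12, added here as an example and not part of the original guide: it parses the CRI registry tables of a config.toml (a constructed sample is embedded; the hostnames, CA path and password are placeholders, not values from the guide's hosts) and flags insecure_skip_verify, plaintext http endpoints and static credentials left in the file, which is the review worth doing before restarting containerd.

```python
import re
# Constructed sample of the CRI registry tables (containerd 1.6 layout); hosts, paths, password are placeholders.
SAMPLE_CONFIG = """
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."myharbor.com"]
  endpoint = ["https://myharbor.com"]
[plugins."io.containerd.grpc.v1.cri".registry.configs."myharbor.com".tls]
  ca_file = "/etc/containerd/certs.d/myharbor.com.crt"
  insecure_skip_verify = false
[plugins."io.containerd.grpc.v1.cri".registry.configs."myharbor.com".auth]
  password = "PLACEHOLDER-PASSWORD"
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.example.test"]
  endpoint = ["http://registry.example.test:5000"]
[plugins."io.containerd.grpc.v1.cri".registry.configs."registry.example.test".tls]
  insecure_skip_verify = true
"""
HEADER = re.compile(r'^\[plugins\."io\.containerd\.grpc\.v1\.cri"\.registry\.'
                    r'(configs|mirrors)\."([^"]+)"(?:\.(tls|auth))?\]$')
KEYVAL = re.compile(r"^(\w+)\s*=\s*(.+?)\s*$")

def _value(raw):  # TOML subset these tables use: bool, quoted string, array of quoted strings
    if raw in ("true", "false"):
        return raw == "true"
    return re.findall(r'"([^"]*)"', raw) if raw.startswith("[") else raw.strip('"')

def parse_registries(text):
    """Return {host: {"mirrors": {...}, "tls": {...}, "auth": {...}}} for each registry host."""
    regs, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        m = HEADER.match(line)
        if m:
            kind, host, sub = m.groups()
            entry = regs.setdefault(host, {"mirrors": {}, "tls": {}, "auth": {}})
            current = entry.get(sub or kind)  # None for a bare configs table: its keys are ignored
            continue
        m = KEYVAL.match(line)
        if m and current is not None:
            current[m.group(1)] = _value(m.group(2))
    return regs

def audit(regs):
    """Flag settings that weaken image-pull integrity or leave registry credentials exposed."""
    findings = []
    for host, r in regs.items():
        if r["tls"].get("insecure_skip_verify") is True:
            findings.append(f"{host}: insecure_skip_verify=true disables certificate validation")
        if any(e.startswith("http://") for e in r["mirrors"].get("endpoint", [])):
            findings.append(f"{host}: plaintext http:// endpoint, pulled images can be altered in transit")
        if r["auth"].get("password"):
            findings.append(f"{host}: static password in config.toml, keep the file root-only (0600)")
    return findings
```

Run audit(parse_registries(open("/etc/containerd/config.toml").read())) on a node to review the real file; the myharbor.com entry as the guide configures it should only raise the stored-password finding.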
13. Clean‑Up and Re‑Deploy (Optional)
If needed, uninstall Harbor with Helm, delete its PVCs, and reinstall with corrected Ingress configuration and proper image repository settings.
The guide concludes with verification steps, screenshots, and tips for troubleshooting common issues such as missing endpoints or load‑balancer IP assignment.
Top Architect
Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.